How ASIC's attempt to block one website took down 250,000

Australia's corporate watchdog has admitted to inadvertently blocking access to about 250,000 innocuous websites in addition to the 1200 it had already accidentally censored.

ASIC made the concession in a statement at a senate estimates hearing on Tuesday night, after it caused controversy by interpreting a 15-year-old law in the Telecommunications Act as giving it the ability to block websites.

ASIC has been revealed to have blocked 250,000 innocuous websites. Photo: Arsineh Houspian

The largest number of sites censored when attempting to block one particular site ASIC believed was defrauding Australians was 250,000. Of these, ASIC said about 1000, or 0.4 per cent, were active sites. It said the 249,000 other sites hosted "no substantive content" or offered their domain name up for sale, rather than hosting a fully-fledged active site.

ASIC asked internet service providers (ISPs) to block sites it believed were defrauding Australians by IP address (such as 203.56.34.11) instead of domain name (such as sitedefraudingaustralians.com). This meant thousands of other sites were blocked in the process, as many sites are often hosted on one shared IP address.

Greens Senator Scott Ludlam put pressure on agencies to find out about the blocking.

ASIC told senate estimates in its opening statement that it was now examining how it could ensure only a site's specific domain name was blocked and ways it could alert the public to a site being blocked via a pop up page. It was also examining ways such a page could indicate why access was blocked and to whom queries could be made to dispute a block.

ASIC deputy chairman Peter Kell told estimates the watchdog had used section 313 of the Telecommunications Act on 10 occasions in the past year to request a number of Australian ISPs to block sites. ASIC sent the notices to four or five ISPs on each occasion.

Advertisement

On all 10 occasions it requested websites be blocked by IP address instead of by domain name.

You will now receive updates fromTechnology Newsletter

Technology Newsletter

In another already reported case, about 1200 sites were blocked by mistake. On the other eight occasions ASIC said "only the targeted criminal site, or the targeted site and a very small number of other sites" were affected.

So far ASIC, the Australian Federal Police and a yet-to-be-revealed national security agency under the Attorney-General's remit have used section 313 to block sites at a federal level. State and territory law enforcement authorities are also able to use section 313 but it is not yet known if they have done so as there is no one agency that has oversight.

ASIC has vowed to report annually on its blocking of websites, the only authority to do so.

Use of section 313 to block websites was only uncovered last month after the webmasters of the Melbourne Free University site couldn't figure out why it was no longer accessible. After making a number of inquiries to their ISP, the webmasters were told that the Australian government had blocked access to the site. The ISP wouldn't provide any more detail.

It wasn't until after the media and Greens Senator Scott Ludlam got involved that the Department of Broadband, Communications and the Digital Economy revealed to tech publication Delimiter that ASIC was behind the censoring.

Soon after the revelation, the department convened a meeting on May 22 with federal government departments and agencies, including ASIO, to discuss use of section 313.

Communications Minister Senator Conroy has since expressed his support of there being more transparency around the way section 313 is used by law enforcers.